<?php

class Seeker
{
	function add_seeker($username, $email, $prefix, $firstName, $lastName, $suffix, $addressNum, $addressStreet, $city, $state, $zip, $gender, $phone, $password)
	{
		$conn = mysql_connect(DB_HOSTNAME, DB_USERNAME, DB_PASSWORD) or die('An error has occured: Could not connect to the MySQL database.');
		mysql_select_db(DB_NAME) or die("An error has occured:  Could not connect to the table.");
		
		$sql = 'insert into wms_seeker ';
		$sql .= '(username, email_address, prefix, fname, lname, suffix, address_num, address_st_name, city, state, zip, gender, phone_home, passwd, date_register) ';
		$sql .= "values('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s');";
		
		$sql = sprintf($sql
			,mysql_real_escape_string($username)
			,mysql_real_escape_string($email)
			,mysql_real_escape_string($prefix)
			,mysql_real_escape_string($firstName)
			,mysql_real_escape_string($lastName)
			,mysql_real_escape_string($suffix)
			,mysql_real_escape_string($addressNum)
			,mysql_real_escape_string($addressStreet)
			,mysql_real_escape_string($city)
			,mysql_real_escape_string($state)
			,mysql_real_escape_string($zip)
			,mysql_real_escape_string($gender)
			,mysql_real_escape_string($phone)
			,mysql_real_escape_string(hash(algor, $password))
			,mysql_real_escape_string(date('Y-m-d H:i:s')));
		
		$result = mysql_query($sql);
	
		if(!$result) die("An error has occured: " . mysql_error());
		
		mysql_close($conn);	
		
	}

	function validate_login($username, $password)
	{
		$conn = mysql_connect(DB_HOSTNAME, DB_USERNAME, DB_PASSWORD) or die('An error has occured: Could not connect to the MySQL database.');
		mysql_select_db(DB_NAME) or die("An error has occured:  Could not connect to the table.");
		
		$sql = "select * from wms_seeker where username = '%s' and passwd = '%s' limit 1";
		
		$sql = sprintf($sql
			, mysql_real_escape_string($username)
			, mysql_real_escape_string(hash(algor, $password)));
		
		$result = mysql_query($sql);
	
		if(!$result) die("An error has occured: " . mysql_error());
		
		$row = mysql_fetch_assoc($result);
		
		mysql_close($conn);
		return $row;
	}
}
?>